technology, networking and IP telephony
Posts tagged LACP
802.1Q VLAN Tagging on a Cisco Catalyst 3750-E
14January 29, 2011
In the two previous posts I covered how to create multiple VLANs, trunk those VLANs between multiple stackable Avaya Ethernet Routing Switches utilizing Multi-Link Trunking and how to create Layer 3 IP interfaces to be used for routing IP packets between those VLANs.
In this post I thought I would expand the network topology of my previous two posts to include a Cisco Catalyst 3750-E. I’ll specifically cover how to trunk (bridge) multiple VLANs between a stackable Avaya Ethernet Routing Switch and the Cisco Catalyst 3750-E and how to configure multiple interfaces in a Link Aggregation Group (LAG) utilizing LACP similar to Avaya’s proprietary MLT feature.
Avaya Ethernet Routing Switch 4548
enable config t
Let’s start by making ports 45 and 46 trunk ports which will utilize 802.1Q tagging;
vlan ports 45,46 tagging tagAll
Let’s add the VLANs we wish to bridge across the trunk ports;
vlan members add 1 45,46 vlan members add 100 45,46 vlan members add 200 45,46
Now we’ll enable LACP on ports 45 and 46 using the same LACP key which will automatically create the LAG;
interface fastEthernet 45 lacp key 10 lacp mode active lacp timeout-time short lacp aggregation enable exit interface fastEthernet 46 lacp key 10 lacp mode active lacp timeout-time short lacp aggregation enable exit
Avaya Ethernet Routing Switch 4548 – Show Commands
4548GT-PWR#show lacp port 45,46 Admin Oper Trunk Partner Port Priority Lacp A/I Timeout Key Key AggrId Id Port Status ---- -------- ------- --- ------- ----- ----- ------ ----- ------- ------ 45 32768 Active A Short 10 12298 8224 32 302 Active 46 32768 Active A Short 10 12298 8224 32 303 Active 4548GT-PWR#show mac-address-table Mac Address Table Aging Time: 300 Number of addresses: 26 MAC Address Vid Source MAC Address Vid Source ----------------- ---- ------- ----------------- ---- ------- 00-02-B3-CB-77-A2 1 Port:19 00-04-61-9E-46-7E 1 Port:21 00-0C-29-64-33-F9 1 Port:19 00-0C-29-A5-CB-54 1 Port:19 00-0F-20-95-38-D5 1 Port:11 00-18-01-EA-F4-45 1 Port: 1 00-1C-11-6B-DC-6B 1 Port: 1 00-1C-11-6D-15-27 1 Port: 1 00-1C-11-6D-15-DC 1 Port: 1 00-1E-7E-7C-2C-00 1 00-1E-7E-7C-2C-40 1 00-1F-0A-CE-BC-01 1 Trunk:1 00-1F-0A-CE-BC-40 1 Trunk:1 00-1F-D0-D0-BE-2D 1 Port:17 00-23-EE-96-AA-21 1 Port: 1 00-24-B5-F6-94-02 1 Trunk:1 00-64-40-CF-4D-AD 1 Trunk:32 00-64-40-CF-4D-AE 1 Trunk:32 00-64-40-CF-4D-C0 1 Trunk:32 00-0A-E4-76-9C-C8 2 Port:44 00-24-DC-DF-0D-08 2 Port:43 00-A0-F8-5E-CE-BC 2 Port:39 00-1F-0A-CE-BC-41 100 Trunk:1 00-24-7F-99-84-70 100 Port:25 00-64-40-CF-4D-AD 100 Trunk:32 00-1E-CA-F3-1D-B4 200 Port:26 00-1F-0A-CE-BC-43 200 Trunk:1 00-64-40-CF-4D-AD 200 Trunk:32 4548GT-PWR#show mlt Id Name Members Bpdu Mode Status Type -- ---------------- ---------------------- ------ -------------- ------- ------ 1 MLT_to_ERS5520 47-48 All Basic Enabled Trunk 2 Trunk #2 NONE All Basic Disabled 3 Trunk #3 NONE All Basic Disabled 4 Trunk #4 NONE All Basic Disabled 5 Trunk #5 NONE All Basic Disabled 6 Trunk #6 NONE All Basic Disabled 7 Trunk #7 NONE All Basic Disabled 8 Trunk #8 NONE All Basic Disabled 9 Trunk #9 NONE All Basic Disabled 10 Trunk #10 NONE All Basic Disabled 11 Trunk #11 NONE All Basic Disabled 12 Trunk #12 NONE All Basic Disabled 13 Trunk #13 NONE All Basic Disabled 14 Trunk #14 NONE All Basic Disabled 15 Trunk #15 NONE All Basic Disabled 16 Trunk #16 NONE All Basic Disabled 17 Trunk #17 NONE All Basic Disabled 18 Trunk #18 NONE All Basic Disabled 19 Trunk #19 NONE All Basic Disabled 20 Trunk #20 NONE All Basic Disabled 21 Trunk #21 NONE All Basic Disabled 22 Trunk #22 NONE All Basic Disabled 23 Trunk #23 NONE All Basic Disabled 24 Trunk #24 NONE All Basic Disabled 25 Trunk #25 NONE All Basic Disabled 26 Trunk #26 NONE All Basic Disabled 27 Trunk #27 NONE All Basic Disabled 28 Trunk #28 NONE All Basic Disabled 29 Trunk #29 NONE All Basic Disabled 30 Trunk #30 NONE All Basic Disabled 31 Trunk #31 NONE All Basic Disabled 32 Trunk #32 45-46 Single DynLag/Basic Enabled Trunk
You might be looking at the output above and asking yourself what’s “Trunk 32″? Let me provide some quick background. You can have a total of 32 MLT/LAG trunks on a stackable Avaya Ethernet Routing Switch. When you create LACP trunks the switch automatically creates a LAG in the MLT table dynamically from the bottom up. While in the previous post I created “Trunk 1″ by trunking ports 47 and 48 together (see above), in this post I’ve created an LACP trunk on ports 45 and 46 which will be reported it the switch as “Trunk 32″. You can also see it in the MAC/FDB table above.
Cisco Catalyst 3750-E
enable config t
Let’s give the switch an IP address in VLAN 1 for management;
vlan 1 ip address 192.168.1.25 255.255.255.0 no shut exit
Let’s create VLAN 100 and VLAN 200 on the switch;
vlan 100 name "192-168-100-0/24" exit vlan 200 name "192-168-200-0/24" exit
Let’s add the appropriate edge ports to each VLAN;
interface range gigabitEthernet 1/0/1-12 switchport access vlan 1 exit interface range gigabitEthernet 1/0/13-24 switchport access vlan 100 exit interface range gigabitEthernet 1/0/24-36 switchport access vlan 200 exit
Let’s configure ports 45 and 46 as trunk ports and bond them together in channel-group utilizing LACP;
interface gigabitEthernet 1/0/45 switchport trunk encapsulation dot1q switchport mode trunk channel-protocol lacp channel-group 1 mode active interface gigabitEthernet 1/0/46 switchport trunk encapsulation dot1q switchport mode trunk channel-protocol lacp channel-group 1 mode active
Cisco Catalyst 3750-E – Show Commands
SW-3750-E#show lacp neighbor
Flags: S - Device is requesting Slow LACPDUs
F - Device is requesting Fast LACPDUs
A - Device is in Active mode P - Device is in Passive mode
Channel group 1 neighbors
Partner's information:
LACP port Admin Oper Port Port
Port Flags Priority Dev ID Age key Key Number State
Gi1/0/45 FA 32768 001e.7e7c.2c00 16s 0x0 0x300A 0x2D 0x3F
Gi1/0/46 FA 32768 001e.7e7c.2c00 27s 0x0 0x300A 0x2E 0x3F
Switch#show mac address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
All 0100.0ccc.cccc STATIC CPU
All 0100.0ccc.cccd STATIC CPU
All 0180.c200.0000 STATIC CPU
All 0180.c200.0001 STATIC CPU
All 0180.c200.0002 STATIC CPU
All 0180.c200.0003 STATIC CPU
All 0180.c200.0004 STATIC CPU
All 0180.c200.0005 STATIC CPU
All 0180.c200.0006 STATIC CPU
All 0180.c200.0007 STATIC CPU
All 0180.c200.0008 STATIC CPU
All 0180.c200.0009 STATIC CPU
All 0180.c200.000a STATIC CPU
All 0180.c200.000b STATIC CPU
All 0180.c200.000c STATIC CPU
All 0180.c200.000d STATIC CPU
All 0180.c200.000e STATIC CPU
All 0180.c200.000f STATIC CPU
All 0180.c200.0010 STATIC CPU
All ffff.ffff.ffff STATIC CPU
1 0004.619e.467e DYNAMIC Po1
1 000c.2964.33f9 DYNAMIC Po1
1 000c.29a5.cb54 DYNAMIC Po1
1 000f.2095.38d5 DYNAMIC Po1
1 0018.01ea.f445 DYNAMIC Po1
1 001c.116b.dc6b DYNAMIC Po1
1 001c.116d.1527 DYNAMIC Po1
1 001c.116d.15dc DYNAMIC Po1
1 001e.7e7c.2c01 DYNAMIC Po1
1 001e.7e7c.2c2d DYNAMIC Po1
1 001e.7e7c.2c2e DYNAMIC Po1
1 001f.d0d0.be2d DYNAMIC Po1
1 0023.ee96.aa21 DYNAMIC Po1
1 00a0.f85e.cebd DYNAMIC Po1
100 0024.7f99.84e9 DYNAMIC Po1
200 0008.02e4.890a DYNAMIC Gi1/0/25
200 001e.caf3.1db4 DYNAMIC Po1
Total Mac Addresses for this criterion: 37You might be asking why didn’t I assign the VLANs to the trunk ports on the Cisco Catalyst 3750-E… well with Cisco switches a trunk port is by default a member of all the VLANs that exist on the switch. So you don’t need to specifically add a VLAN to a trunk port, however, you can override the default behavior by telling the switch to only carry specific VLANs on a specific trunk port – this is called VLAN pruning.
Please feel free to point out any inconsistencies or errors I might have made.
Cheers!
LACP Configuration Examples (Part 3)
11August 29, 2009
In part 3 of this series I’ll provide a relatively simple example of a LACP LAG between a HP GbE2c L2/L3 switch and two Nortel switches, we’ll terminate two different LAGs on the two ERS 8600 switches using Nortel’s proprietary SMLT (Split MultiLink Trunking) technology.
Example 2 – Ethernet Routing Switch 8600 to a set of HP GbE2c L2/L3 switches using LACP trunks with SMLT
As I said before a picture is worth a thousand words and can be very helpful in designing any network topology.
I’m going to skip the configuration of the two Nortel Ethernet Routing Switch 8600s since you can refer to the earlier post for an example of how to configure them. In this design we need to disable the virtual cross connect that exists between the A and B sides of the two HP GbE2c switches. Please note that I’m working with the HP GbE2c (C-Class enclosure) not the GbE2 (P-Class enclosure). There are some slight differences between the two. The virtual trunk ports between the A and B sides are on ports 17 and 18 so those ports need to be disabled in order to prevent a loop.
HP-GbE2c-A / HP-GbE2c-B /c/port 17/dis /c/port 18/dis
With the virtual trunk cross connects disabled we can now wire each switch independently to the upstream switch(s) which in this case happens to be two ERS 8600s. As is usual for me I’ll create a network management VLAN and place the IP interface of each GbE2c switch in that VLAN (VLAN 200).
HP-GbE2c-A / HP-GbE2c-B /c/l2/vlan 200 /c/l2/vlan 200/ena /c/l2/vlan 200/name "10-101-255-0/24"
Let’s add VLAN 200 to the two ports, 21 and 22, that we’ll be using to uplink to the 8600 switches. We haven’t yet enabled tagging so the switch will ask you if you’d like to change the PVID from VLAN 1 (default) to VLAN 200, you can safely answer yes to this question.
HP-GbE2c-A / HP-GbE2c-B /c/l2/vlan 200/add 21 /c/l2/vlan 200/add 22
Let’s enable tagging on both uplink ports along with RMON and set the PVID just to be safe;
HP-GbE2c-A / HP-GbE2c-B /c/port 21/tag ena /c/port 21/pvid 200 /c/port 21/rmon e /c/port 22/tag ena /c/port 22/pvid 200 /c/port 22/rmon e
Let’s turn off Spanning Tree on the uplinks, we only want Spanning Tree local to the switch since SMLT will take care of providing the loop free topology.
HP-GbE2c-A / HP-GbE2c-B /c/l2/stp 1/port 21/off /c/l2/stp 1/port 22/off
Now it’s time to configure LACP and create the LAG (Link Aggregation Group). We’ll using LACP key 50 but you could use any admin key (number) so long as both ports are configured with the same admin key.
HP-GbE2c-A / HP-GbE2c-B /c/l2/lacp/port 21/mode active /c/l2/lacp/port 21/adminkey 50 /c/l2/lacp/port 22/mode active /c/l2/lacp/port 22/adminkey 50
Here’s the special sauce that will work in combination with the NIC teaming software to fail over in the event of an upstream switch problem or an uplink problem where the GbE2c continues to function but there’s a problem upstream. This configuration will cause the GbE2c switch to disable (admin-down) the server switch ports in the event that the LACP group goes down. This will cause the NIC teaming configuration on the servers to fail-over to the standby NIC.
HP-GbE2c-A / HP-GbE2c-B /c/ufd/on /c/ufd/fdp/ltm/addkey 50 /c/ufd/fdp/ltd/addport 1 /c/ufd/fdp/ltd/addport 2 /c/ufd/fdp/ltd/addport 3 /c/ufd/fdp/ltd/addport 4 /c/ufd/fdp/ltd/addport 5 /c/ufd/fdp/ltd/addport 6 /c/ufd/fdp/ltd/addport 7 /c/ufd/fdp/ltd/addport 8 /c/ufd/fdp/ltd/addport 9 /c/ufd/fdp/ltd/addport 10 /c/ufd/fdp/ltd/addport 11 /c/ufd/fdp/ltd/addport 12 /c/ufd/fdp/ltd/addport 13 /c/ufd/fdp/ltd/addport 14 /c/ufd/fdp/ltd/addport 15 /c/ufd/fdp/ltd/addport 16
If you haven’t already let’s configure an IP address (for management) on VLAN 200;
HP-GbE2c-A /c/l3/if 1/ena /c/l3/if 1/addr 10.1.255.128 /c/l3/if 1/mask 255.255.255.0 /c/l3/if 1/broad 10.1.255.255 /c/l3/if 1/vlan 200
We need to use a different IP address for the B side switch on VLAN 200;
HP-GbE2c-B /c/l3/if 1/ena /c/l3/if 1/addr 10.1.255.129 /c/l3/if 1/mask 255.255.255.0 /c/l3/if 1/broad 10.1.255.255 /c/l3/if 1/vlan 200
As mentioned by a few other folks on this blog and in the forums this solution only provides an active/passive solution in terms of the NIC teaming configuration. This is because the GbE2c L2/L3 switches don’t support IST/SMLT technology. While this will only provide 1Gbps of bandwidth (2Gbps if you count full duplex) between the blade server and the network it will provide significant level of redundancy and high-availability. In this design the network is protected from a GbE2c switch failure, a Nortel Ethernet Routing Switch 8600 failure, and multiple uplink/downlink failures.
Please feel free to post comments and questions here about this post. Questions regarding specific configurations can be posted in the forums; http://forums.networkinfrastructure.info/nortel-ethernet-switching/
Cheers!
LACP Configuration Examples (Part 2)
0August 19, 2009
In part 1 of this post I provided a pretty simple example of an LACP LAG between two Nortel switches. In this post I’ll provide another example with a small twist thrown in; we’ll terminate the LAG on two ERS 8600 switches using Nortel’s proprietary SMLT (Split MultiLink Trunking) technology. In this example I’ll substitute the Nortel Ethernet Switch 470 for a Ethernet Routing Switch 5520. You’ll notice that the LACP configurations (commands) are identical between the 470 and 5520 switches.
Example 2 – Ethernet Routing Switch 8600 to Ethernet Switch 5520 using LACP trunk with SMLT
As I said before a picture is worth a thousand words and can be very helpful in designing any network topology.
As with the previous example we’ll start with the Ethernet Routing Switch 8600s and then progress to the Ethernet Routing Switch 5520s. In this example we’ll need to configure two ERS 8600 switches, I’ll assume that you already have an IST (InnerSwitch Trunk) built and running properly.
Let’s start by configuring a MLT group the same way we did so in the previous example. The ERS8600-A switch first;
ERS8600-A config mlt 15 create config mlt 15 name "SMLT_LACP" config mlt 15 lacp key 15 config mlt 15 lacp enable
Now the ERS8600-B switch;
ERS8600-B config mlt 15 create config mlt 15 name "SMLT_LACP" config mlt 15 lacp key 15 config mlt 15 lacp enable
In this example I’ve chosen to connect the uplinks to port 2/17 on each switch. I’ve chosen to use the same ports on both switches only to make the configuration easier to understand for myself. I would use whatever ports I wanted on either switch so long as they are all running at the same speed. In this case the ports are both 10/100Mbps ports and will auto-negotiate to 100Mbps with the MDI-X feature of the ERS 5520 switch.
I’ll enable tagging (802.1q) just like I did in my previous example and I’ll remove VLAN 1 and add VLAN 99. Outside of this example you would just add whatever VLANs you’ll be extended to the edge switch.
ERS8600-A config ethernet 2/17 perform-tagging enable config vlan 1 ports remove 2/17 config vlan 99 ports add 2/17
Now the ERS8600-B switch;
ERS8600-B config ethernet 2/17 perform-tagging enable config vlan 1 ports remove 2/17 config vlan 99 ports add 2/17
Next we’ll enable LACP on the specific ports and group them using the same admin key;
ERS8600-A config ethernet 2/17 lacp key 15 config ethernet 2/17 lacp aggregation true config ethernet 2/17 lacp timeout short config ethernet 2/17 lacp enable
Now the ERS8600-B switch;
ERS8600-B config ethernet 2/17 lacp key 15 config ethernet 2/17 lacp aggregation true config ethernet 2/17 lacp timeout short config ethernet 2/17 lacp enable
Now because we’re going to be running in an SMLT configuration we need to make a few global changes. We need to enable LACP globally, but we also need to make sure that both switches use the same LACP identifier when communicating with the edge switch. This is necessary so the edge switch won’t know that it’s actually connected to two different switches upstream. If the LACP identifiers didn’t match between the two ERS8600 switches the edge switch would become confused.
ERS8600-A config lacp smlt-sys-id 00:01:81:28:84:00 config lacp enable
Now the ERS8600-B switch;
ERS8600-B config lacp smlt-sys-id 00:01:81:28:84:00 config lacp enable
We need to configure the MLT to operate in an SMLT configuration. We also need to make sure that any VLANs we are extending to the edge switch are also bridged across the IST between the two ERS 8600 switches. In this example I’m extending VLAN 99 so I need to add VLAN 99 to the IST which happens to be MLT 1.
ERS8600-A config mlt 15 smlt create smlt-id 15 config vlan 99 add-mlt 1
Now the ERS8600-B switch;
ERS8600-B config mlt 15 smlt create smlt-id 15 config vlan 99 add-mlt 1
That’s all the commands required for the two ERS8600 switches.
With that said there are some best practices that should be applied to all downlinks when utilizing SMLT.
While I left this out of the previous example these settings are applicable to both examples.
Let’s make sure that we enable CP-LIMIT which will shutdown the port if the switch receives too many broadcast or multicast frames per second. While some users don’t like this feature it’s better to cut off an offending closet than loose an entire network due to a loop or misconfigured switch. A word of warning here! You do not want CP-LIMIT enabled on any ports used in your IST, you also don’t want it enabled on the uplinks of any ERS8600 switches that reside at the edge as they might cut themselves off from the network. Instead enable it in the core on the downlinks to the edge switches and closet switches.
ERS8600-A config ethernet 2/17 cp-limit enable multicast-limit 2500 broadcast-limit 2500
Now the ERS8600-B switch;
ERS8600-B config ethernet 2/17 cp-limit enable multicast-limit 2500 broadcast-limit 2500
Another feature that helps protect the network is SLPP (Simple Loop Protection Protocol). In my opinion this feature is a must for any serious network. I can’t tell you how many times this feature has saved the networks I manage today. This feature will detect a misconfigured MLT/LACP at the edge switch and shutdown one of the downlink ports to preventing a loop. With SLPP you need to pay attention to the threshold setting. You want different thresholds between the two ERS8600 switches so that only one uplink gets shutdown.
ERS8600-A config slpp add 99 config slpp operation enable config ethernet 2/17 slpp packet-rx-threshold 50 config ethernet 2/17 slpp packet-rx enable
Now the ERS8600-B switch with a threshold of 5;
ERS8600-B config slpp add 99 config slpp operation enable config ethernet 2/17 slpp packet-rx-threshold 5 config ethernet 2/17 slpp packet-rx enable
That’s it for the two ERS8600 switches.
I’m literally going to cut and past the configuration of the ERS5520 from the previous example as it should be identical.
vlan ports 33,34 tagging tagAll
Let’s add VLAN 99 to the ports, I’ve already created the VLAN ahead of time.
vlan members add 99 33,34
Now we just need to configure the LACP parameters for each port and then enable LACP.
interface fastEthernet 33-34 lacp key 13 lacp mode active lacp timeout-time short lacp aggregation enable exit
Hopefully that’s been helpful!
Cheers!
